authorStefan Hajnoczi <stefanha@redhat.com>2025-02-02 11:09:10 -0500
committerStefan Hajnoczi <stefanha@redhat.com>2025-02-02 11:09:10 -0500
commit6fccaa2fba391815308a746d68f7fa197bc93586 (patch)
tree83fa5b6246e5036ea1063861f3f9d6a008c7a086
parentf65f326113ecdfbe4479e9fe607da9f18aec2fd3 (diff)
parent58607752d173438994d28dea7e2c2587726663e6 (diff)
Merge tag 'block-pull-request' of https://gitlab.com/stefanha/qemu into staging
Pull request # -----BEGIN PGP SIGNATURE----- # # iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmeb4h0ACgkQnKSrs4Gr # c8jqngf/WC+QeP9FPTp0yYF7+W25OrOejMpvCggfZAXCoTs1ruApab0OrYYQFFyb # iJUece0p4hvcrbxScyCWyHn9g2BDnQGGXAjTIzGzZ56sNdySMYB4XdZ1UeikQwh8 # gHwWAb5G0x5Q2P8LMp3xVkbceeiw+WfiE/KiKsjio3OfBGoOC32LEdC6+QvOw2hs # Q5mnHUZG4I1YXMkJQh7M/BF4oE+weKMhD2IHrZtRPygjsK6Zv99J8W7yLa2HeSVz # So5vzYV+2A4FOdomSn9iExNb16jImV2Zl5tIAe60hVQ6fvMT0OCCWmQtgUi78MDK # bnp+VWj8a0Rm2vJeWX54pu0b6vo1Vg== # =NOSK # -----END PGP SIGNATURE----- # gpg: Signature made Thu 30 Jan 2025 15:33:33 EST # gpg: using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [ultimate] # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" [ultimate] # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8 * tag 'block-pull-request' of https://gitlab.com/stefanha/qemu: parallels: fix ext_off assertion failure due to overflow Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-rw-r--r--block/parallels.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/block/parallels.c b/block/parallels.c
index 23751b2..d4bfc44 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -1298,6 +1298,10 @@ static int parallels_open(BlockDriverState *bs, QDict *options, int flags,
error_setg(errp, "Catalog too large");
return -EFBIG;
}
+ if (le64_to_cpu(ph.ext_off) >= (INT64_MAX >> BDRV_SECTOR_BITS)) {
+ error_setg(errp, "Invalid image: Too big offset");
+ return -EFBIG;
+ }
size = bat_entry_off(s->bat_size);
s->header_size = ROUND_UP(size, bdrv_opt_mem_align(bs->file->bs));